surveillance | Breaking Cybersecurity News | The Hacker News

Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region. Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to maintain internet stability and that the move is "temporary, targeted, and controlled, to ward off cyber attacks." Data shared by NetBlocks shows a "significant reduction in internet traffic" around 5:30 p.m. local time. The development comes amid deepening conflict, with Israel and Iran trading missile attacks since Friday. These attacks have spilled over into cyberspace, as security experts warned of retaliatory cyber operations by Iranian state actors and hacktivist groups. The digital warfare unfolding behind the scenes goes two ways. Earlier this week, a pro...

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1 , iPadOS 17.7.5 , macOS Sequoia 15.3.1 , macOS Sonoma 14.7.4 , macOS Ventura 13.7.4 , watchOS 11.3.1 , and visionOS 2.3.1 . "A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link," the company said in an advisory, adding the vulnerability was addressed with improved checks. The iPhone maker also acknowledged that it's aware the vulnerability "may have been exploited in an extremely sophisticated attack against specifically targeted individuals." It's worth noting that the iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 updates also resolved another actively exploited zero-day tracked as CVE-2025-24200. It's curr...

Threat intelligence firm GreyNoise has warned of a "coordinated brute-force activity" targeting Apache Tomcat Manager interfaces. The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to "identify and access exposed Tomcat services at scale." To that end, 295 unique IP addresses have been found to be engaged in brute-force attempts against Tomcat Manager on that date, with all of them classified as malicious. Over the past 24 hours, 188 unique IPs have been recorded, a majority of them located in the United States, the United Kingdom, Germany, the Netherlands, and Singapore. In a similar vein, 298 unique IPs were observed conducting login attempts against Tomcat Manager instances. Of the 246 IP addresses flagged in the last 24 hours, all of them are categorized as malicious and originate from the same locations. Targets of these attempts include the United States, the Uni...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting over 1,400 individuals globally. WhatsApp originally filed the lawsuit against NSO Group in 2019, accusing the latter of using Pegasus to target journalists, human rights activists, and political dissidents. Court documents released as part of the trial have revealed that 456 Mexicans were targeted during the campaign, followed by 100 victims in India, 82 in Bahrain, 69 in Morocco, and 58 in Pakistan. In total, individuals across 51 different countries were targeted. The attacks leveraged a then zero-day vulnerability in WhatsApp's voice calling feature ( CVE-2019-3568 , CVSS score: 9.8) to trigger the deployment of the spyware.  In a ruling issued in December 2024, United States ...

In a new campaign detected in March 2025, senior members of the World Uyghur Congress (WUC) living in exile have been targeted by a Windows-based malware that's capable of conducting surveillance. The spear-phishing campaign involved the use of a trojanized version of a legitimate open-source word processing and spell check tool called UyghurEdit++ developed to support the use of the Uyghur language. "Although the malware itself was not particularly advanced, the delivery of the malware was extremely well customized to reach the target population and technical artifacts show that activity related to this campaign began in at least May of 2024," the Citizen Lab said in a Monday report. The investigation, according to the digital rights research laboratory based at the University of Toronto, was prompted after the targets received notifications from Google warning that their accounts had been at the receiving end of government-backed attacks. Some of these alerts we...